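/**
 * AJAX endpoint that grants a permission path to a manager.
 *
 * Reads `manager-id` and `path` from POST. When a check fails the request is
 * answered with renderAjax(1, <message>); otherwise the manager/path relation
 * is stored, a success notice is set and the request is answered with
 * renderAjax(0).
 *
 * Every rejection is followed by an explicit return, so the relation is never
 * written after a failed check even if renderAjax() were to return instead of
 * ending the request.
 *
 * NOTE(review): no authorization or CSRF check is visible in this method.
 * It grants privileges, so confirm both are enforced before it is dispatched.
 */
public function ajaxAddAction()
{
    $managerId = Request::getPOST('manager-id', 0);
    $path      = Request::getPOST('path', '');

    // Both fields are mandatory.
    if (empty($managerId) || empty($path)) {
        $this->renderAjax(1, '参数错误!');
        return;
    }

    // Reject paths that fail the format check before any lookup is made.
    if (!RootPermissionInterface::isValidPath(['path' => $path])) {
        $this->renderAjax(1, '路径不合法!');
        return;
    }

    // The manager must exist.
    $managerInfo = RootManagerInterface::getById(['id' => $managerId]);
    if (empty($managerInfo)) {
        $this->renderAjax(1, '管理员不存在!');
        return;
    }

    // The permission path must exist. A trailing '/' selects the
    // "permission folder does not exist" message, otherwise the
    // "permission does not exist" message is used.
    if (!RootPermissionInterface::findPath(['path' => $path])) {
        $hasTrailingSlash = rtrim($path, '/') !== $path;
        $this->renderAjax(1, $hasTrailingSlash ? '权限文件夹不存在!' : '权限不存在!');
        return;
    }

    // Nothing to do when the manager is already covered by this path.
    $alreadyGranted = RootManagerInterface::checkPermission(['id' => $managerId, 'path' => $path]);
    if ($alreadyGranted) {
        $this->renderAjax(1, '权限已经拥有!');
        return;
    }

    // Store the grant and report success.
    RootRelationInterface::save(['manager_id' => $managerId, 'path' => $path]);
    $this->setNotice(FrameworkVars::NOTICE_SUCCESS, '添加权限成功!');
    $this->renderAjax(0);
}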
/**
 * Permission check: decides whether a user may use a permission path.
 *
 * The path must be found by RootPermissionInterface::findPath(), the user
 * must map to an enabled manager id, and checkPermission() must return a
 * non-empty value for that manager and path.
 *
 * NOTE(review): all three lookups pass 'from_cache' => true. Confirm the
 * cache is invalidated when a grant is removed or a manager is disabled,
 * otherwise a revoked permission could stay effective until the entry expires.
 *
 * @param $params array(
 *     'user_id', // user id
 *     'path',    // permission path
 * )
 * @return bool true when access is granted, false otherwise
 * @throws LibraryException
 */
public static function allowed($params)
{
    $uid  = self::get('user_id', $params, 0, TYPE_INT_GT0, true);
    $path = self::get('path', $params, '', TYPE_STR_Y, true);

    // NOTE(review): fail-open branch. An empty path is granted by default and
    // only logged, so a caller that forgets to pass a path gets access.
    // empty() is also true for the string '0'; verify that self::get() cannot
    // hand that value through, or it takes this branch as well.
    if (empty($path)) {
        Logger::warn('interface', '权限校验时,传入了空权限,系统默认返回true!');
        return true;
    }

    // An unknown permission path is denied and logged.
    $pathLookup = ['path' => $path, 'from_cache' => true];
    if (!RootPermissionInterface::findPath($pathLookup)) {
        Logger::warn('interface', "权限{$path}不存在!");
        return false;
    }

    // A user without an enabled manager id is denied.
    $managerId = RootManagerInterface::getEnabledId(['user_id' => $uid, 'from_cache' => true]);
    if (empty($managerId)) {
        return false;
    }

    $granted = RootManagerInterface::checkPermission([
        'id'         => $managerId,
        'path'       => $path,
        'from_cache' => true,
    ]);

    return !empty($granted);
}
/**
 * Lists the granted paths that RootPermissionInterface::findPath() does not
 * find, i.e. relation rows that point at a permission path that is not known.
 *
 * Rows are fetched grouped by path and ordered by path ascending; each row
 * carries 'name' (the path) and 'count' (the count(1) aggregate).
 *
 * @return array the remaining rows; keys are the ones getList() produced, so
 *               the result may have gaps where rows were dropped
 */
public static function getInvalidPathList()
{
    $grouping = ['group_by' => 'path'];
    $ordering = ['path' => 'ASC'];
    $rows     = self::getList('path AS name, count(1) AS count', $grouping, $ordering);

    foreach ($rows as $key => $row) {
        // findPath() is called once per row, without 'from_cache'.
        $isKnown = RootPermissionInterface::findPath(['path' => $row['name']]);
        if ($isKnown) {
            unset($rows[$key]);
        }
    }

    return $rows;
}
/**
 * Manager list page with optional filters.
 *
 * GET parameters: `login-name` (filter by user), `path` and `include-path`
 * (filter by permission path). An invalid filter sets an error notice and
 * redirects to the current URL with that parameter removed. The page shows
 * 20 managers at a time, together with their users, their permission paths
 * and a flag for every path that findPath() does not find.
 *
 * NOTE(review): the code after each Url::redirect() call assumes the redirect
 * ends the request; confirm, because otherwise the rejected filter value is
 * still used below.
 */
public function defaultAction()
{
    $perPage = 20;
    $pageNo  = Pager::get();

    $loginName   = Request::getGET('login-name', '');
    $path        = Request::getGET('path', '');
    $includePath = Request::getGET('include-path', '');

    // Malformed `path` filter: notify and drop the parameter.
    // NOTE(review): the request value is interpolated into the notice text;
    // confirm the notice is HTML-escaped where it is rendered.
    if (!empty($path) && !RootPermissionInterface::isValidPath(['path' => $path])) {
        $this->setNotice(FrameworkVars::NOTICE_ERROR, "路径{$path}格式不正确!");
        $target = Url::getCurrentUrl(['path' => null]);
        Url::redirect($target);
    }

    // Malformed `include-path` filter: same handling (same escaping caveat).
    if (!empty($includePath) && !RootPermissionInterface::isValidPath(['path' => $includePath])) {
        $this->setNotice(FrameworkVars::NOTICE_ERROR, "路径{$includePath}格式不正确!");
        $target = Url::getCurrentUrl(['include-path' => null]);
        Url::redirect($target);
    }

    // Unknown login name: notify and drop the parameter.
    if (!empty($loginName)) {
        $userInfo = UserCommonInterface::getByLoginName(['login_name' => $loginName]);
        if (empty($userInfo)) {
            $this->setNotice(FrameworkVars::NOTICE_ERROR, '用户不存在!');
            $target = Url::getCurrentUrl(['login-name' => null]);
            Url::redirect($target);
        }
    }

    // Build the where conditions from the filters that are present.
    // NOTE(review): if a manager-id lookup returns no ids, the 'IN' condition
    // gets an empty list; confirm getList()/getCount() treat that as
    // "match nothing" rather than dropping the filter.
    $where = [];
    if (!empty($userInfo)) {
        $where[] = ['user_id', '=', $userInfo['id']];
    }
    if (!empty($path)) {
        $allowedIds = RootManagerInterface::getAllowedManagerIds(['path' => $path]);
        $where[]    = ['id', 'IN', $allowedIds];
    }
    if (!empty($includePath)) {
        $includeIds = RootManagerInterface::getIncludeManagerIds(['path' => $includePath]);
        $where[]    = ['id', 'IN', $includeIds];
    }

    $managerList = RootManagerInterface::getList([
        'where'  => $where,
        'limit'  => $perPage,
        'offset' => ($pageNo - 1) * $perPage,
    ]);
    $allCount = RootManagerInterface::getCount($where);

    // Load the users and the permission paths of the managers on this page.
    $userList = [];
    $pathHash = [];
    if (!empty($managerList)) {
        $users    = UserCommonInterface::getById(['id' => array_column($managerList, 'user_id')]);
        $userList = Arr::listToHash('id', $users);

        $pathHash = RootManagerInterface::getPaths(['id' => array_column($managerList, 'id')]);
    }

    // Flag invalid paths: 1 when findPath() does not find the path, 0
    // otherwise. Each distinct path is looked up once.
    $invalidHash = [];
    foreach ($pathHash as $pathSet) {
        foreach ($pathSet as $candidate) {
            if (!array_key_exists($candidate, $invalidHash)) {
                $isKnown                 = RootPermissionInterface::findPath(['path' => $candidate]);
                $invalidHash[$candidate] = $isKnown ? 0 : 1;
            }
        }
    }

    // Pre-rendered HTML fragments.
    $pagerVars = ['renderAllCount' => $allCount, 'renderPageSize' => $perPage, 'renderRadius' => 8];
    $html      = ['pager' => $this->view->fetch($pagerVars, 'widget/pager.php')];

    $this->renderFramework(
        [
            'html'        => $html,
            'managerList' => $managerList,
            'userList'    => $userList,
            'pathHash'    => $pathHash,
            'invalidHash' => $invalidHash,
        ],
        'manager/list.php'
    );
}